Hi! Yes you need a cookie banner as well :) When it comes to the use of cookies or similar technologies it is the ePrivacy Directive that applies and article 5 (3) is clear that you need: 1. the users' prior opt-in consent 2. to provide clear and comprehensive information about the use of cookies (tRead more
Hi! Yes you need a cookie banner as well ๐ When it comes to the use of cookies or similar technologies it is the ePrivacy Directive that applies and article 5 (3) is clear that you need:
1. the users’ prior opt-in consent
2. to provide clear and comprehensive information about the use of cookies (through a cookie notice)
3. offer the users the possibility to opt-out any given time
Speech on the other hand can reveal our opinion, information about our habits or preferences, but also information about other individuals. So basically my response concerns the part on whether the recording consists personal data or no. Interesting question! Regarding the disclosure of the recordinRead more
Speech on the other hand can reveal our opinion, information about our habits or preferences, but also information about other individuals. So basically my response concerns the part on whether the recording consists personal data or no. Interesting question! Regarding the disclosure of the recording, just to be same I would deduct the employees voice. It’s always better to be safe than sorry ๐
Here we need to distinguish between voice (the sound produced by humans using the lungs and the vocal folds in the larynx) and speech (when we express thoughts, feelings, and ideas orally to one another through a series of complex movements that alter and mold the basis tone created by voice into spRead more
Here we need to distinguish between voice (the sound produced by humans using the lungs and the vocal folds in the larynx) and speech (when we express thoughts, feelings, and ideas orally to one
another through a series of complex movements that alter and mold the basis tone created by voice into specific, decodable sounds). Now is voice or speech personal data according to the GDPR? Only representations of voice and speech (e.g. voice recording, speech sample, written texts) can be considered as personal data if they relate to an identified/identifiable individual. Thus, only voice data or speech data can be personal data. Voice can fall under the definition of “biometric data” (see A4.14) and in some cases when processed for the purpose of uniquely identifying a natural person, it could be a special category of personal data. Voice can also reveal ethnic origin (e.g.if there is an accent) or health data (if there is a stuttering.
I agree with the previous comments. I have never been asked to reveal the name of my clients. They might ask you generic questions, such as the number of employees in some cases but nothing to identify the name of the organisation.
I agree with the previous comments. I have never been asked to reveal the name of my clients. They might ask you generic questions, such as the number of employees in some cases but nothing to identify the name of the organisation.
It has already been established that consent is not valid in the employee-employer relationship due to the imbalance of powers. Even if consent would be a valid legal basis, for Article 9 personal data, you need a specific condition to apply (article 9 para. 2), such as explicit consent. Therefore,Read more
It has already been established that consent is not valid in the employee-employer relationship due to the imbalance of powers. Even if consent would be a valid legal basis, for Article 9 personal data, you need a specific condition to apply (article 9 para. 2), such as explicit consent. Therefore, just an affirmative action (which qualifies for consent), would not meet the requirement of explicit consent.
I would recommend to rely on another legal basis and identify another condition for processing special categories of personal data. Note that you need both a legal basis and an article 9 para. 2 condition to apply in order to process special categories of personal data.
This is a data breach that affects the availability of personal data, meaning that personal data is no longer available to authorised users. You should do your risk assessment, and then if there is a risk to data subjects, report it to the SA. As it is an availability data breach, pay special attentRead more
This is a data breach that affects the availability of personal data, meaning that personal data is no longer available to authorised users. You should do your risk assessment, and then if there is a risk to data subjects, report it to the SA. As it is an availability data breach, pay special attention on whether there is a backup or another way to restore the data, or if the personal data has been completely destroyed. I assume it is about hard copies, but maybe there is a way to retrieve the personal data.
I have written an article about that, have a look if you want as the character limitation does not allow me to expand :) https://www.linkedin.com/pulse/right-personal-data-protection-privacy-elisavet-dravalou/?articleId=6650329536716247040
It is a personal choice, but unfortunately nowadays that most of us live in democratic societies, take privacy for granted. The right to privacy "creates a private bubble" around the individual that does not allow others to intervene. That is violated with the current practices of big companies, andRead more
It is a personal choice, but unfortunately nowadays that most of us live in democratic societies, take privacy for granted. The right to privacy “creates a private bubble” around the individual that does not allow others to intervene. That is violated with the current practices of big companies, and most of the times we are not even aware of it.
You can also read this article: https://www.linkedin.com/pulse/clubhouse-next-privacy-nightmare-youve-never-heard-alexander-hanff/?trackingId=n9D3i5fCIc4O1N5A4kqeeg%3D%3D
Does a EU website need a cookie consent popup?
Elisavet D.
Hi! Yes you need a cookie banner as well :) When it comes to the use of cookies or similar technologies it is the ePrivacy Directive that applies and article 5 (3) is clear that you need: 1. the users' prior opt-in consent 2. to provide clear and comprehensive information about the use of cookies (tRead more
Hi! Yes you need a cookie banner as well ๐ When it comes to the use of cookies or similar technologies it is the ePrivacy Directive that applies and article 5 (3) is clear that you need:
See less1. the users’ prior opt-in consent
2. to provide clear and comprehensive information about the use of cookies (through a cookie notice)
3. offer the users the possibility to opt-out any given time
Access requests for voice recordings . Is my voice alone personal data and covered by.a DSAR?
Elisavet D.
Speech on the other hand can reveal our opinion, information about our habits or preferences, but also information about other individuals. So basically my response concerns the part on whether the recording consists personal data or no. Interesting question! Regarding the disclosure of the recordinRead more
Speech on the other hand can reveal our opinion, information about our habits or preferences, but also information about other individuals. So basically my response concerns the part on whether the recording consists personal data or no. Interesting question! Regarding the disclosure of the recording, just to be same I would deduct the employees voice. It’s always better to be safe than sorry ๐
See lessAccess requests for voice recordings . Is my voice alone personal data and covered by.a DSAR?
Elisavet D.
Here we need to distinguish between voice (the sound produced by humans using the lungs and the vocal folds in the larynx) and speech (when we express thoughts, feelings, and ideas orally to one another through a series of complex movements that alter and mold the basis tone created by voice into spRead more
Here we need to distinguish between voice (the sound produced by humans using the lungs and the vocal folds in the larynx) and speech (when we express thoughts, feelings, and ideas orally to one
See lessanother through a series of complex movements that alter and mold the basis tone created by voice into specific, decodable sounds). Now is voice or speech personal data according to the GDPR? Only representations of voice and speech (e.g. voice recording, speech sample, written texts) can be considered as personal data if they relate to an identified/identifiable individual. Thus, only voice data or speech data can be personal data. Voice can fall under the definition of “biometric data” (see A4.14) and in some cases when processed for the purpose of uniquely identifying a natural person, it could be a special category of personal data. Voice can also reveal ethnic origin (e.g.if there is an accent) or health data (if there is a stuttering.
Can you ask ICO anonymously?
Elisavet D.
I agree with the previous comments. I have never been asked to reveal the name of my clients. They might ask you generic questions, such as the number of employees in some cases but nothing to identify the name of the organisation.
I agree with the previous comments. I have never been asked to reveal the name of my clients. They might ask you generic questions, such as the number of employees in some cases but nothing to identify the name of the organisation.
See lessCollecting Special Category Data for staff
Elisavet D.
It has already been established that consent is not valid in the employee-employer relationship due to the imbalance of powers. Even if consent would be a valid legal basis, for Article 9 personal data, you need a specific condition to apply (article 9 para. 2), such as explicit consent. Therefore,Read more
It has already been established that consent is not valid in the employee-employer relationship due to the imbalance of powers. Even if consent would be a valid legal basis, for Article 9 personal data, you need a specific condition to apply (article 9 para. 2), such as explicit consent. Therefore, just an affirmative action (which qualifies for consent), would not meet the requirement of explicit consent.
I would recommend to rely on another legal basis and identify another condition for processing special categories of personal data. Note that you need both a legal basis and an article 9 para. 2 condition to apply in order to process special categories of personal data.
See lessLiability Caps – What is your experience?
Elisavet D.
I agree with Tash!
I agree with Tash!
See lessFire destroyed personal data
Elisavet D.
This is a data breach that affects the availability of personal data, meaning that personal data is no longer available to authorised users. You should do your risk assessment, and then if there is a risk to data subjects, report it to the SA. As it is an availability data breach, pay special attentRead more
This is a data breach that affects the availability of personal data, meaning that personal data is no longer available to authorised users. You should do your risk assessment, and then if there is a risk to data subjects, report it to the SA. As it is an availability data breach, pay special attention on whether there is a backup or another way to restore the data, or if the personal data has been completely destroyed. I assume it is about hard copies, but maybe there is a way to retrieve the personal data.
See lessProtection v Privacy
Elisavet D.
I have written an article about that, have a look if you want as the character limitation does not allow me to expand :) https://www.linkedin.com/pulse/right-personal-data-protection-privacy-elisavet-dravalou/?articleId=6650329536716247040
I have written an article about that, have a look if you want as the character limitation does not allow me to expand ๐
See lesshttps://www.linkedin.com/pulse/right-personal-data-protection-privacy-elisavet-dravalou/?articleId=6650329536716247040
Is privacy over rated?
Elisavet D.
It is a personal choice, but unfortunately nowadays that most of us live in democratic societies, take privacy for granted. The right to privacy "creates a private bubble" around the individual that does not allow others to intervene. That is violated with the current practices of big companies, andRead more
It is a personal choice, but unfortunately nowadays that most of us live in democratic societies, take privacy for granted. The right to privacy “creates a private bubble” around the individual that does not allow others to intervene. That is violated with the current practices of big companies, and most of the times we are not even aware of it.
Note: When we talk about the GDPR, we are not talking about privacy but about the right to data protection. The right to privacy is the right to be left alone, while the right to data protection is about processing personal data under certain principles, in order to protect other fundamental rights and freedoms. Read also: https://www.linkedin.com/pulse/right-personal-data-protection-privacy-elisavet-dravalou/?articleId=6650329536716247040
See lessGDPR vs. Clubouse
Elisavet D.
You can also read this article: https://www.linkedin.com/pulse/clubhouse-next-privacy-nightmare-youve-never-heard-alexander-hanff/?trackingId=n9D3i5fCIc4O1N5A4kqeeg%3D%3D
You can also read this article: https://www.linkedin.com/pulse/clubhouse-next-privacy-nightmare-youve-never-heard-alexander-hanff/?trackingId=n9D3i5fCIc4O1N5A4kqeeg%3D%3D
See less